Clearing the “Mounted Devices” database in Windows
Something I found useful when doing image deployment of Windows: being able to clear the mount devices list. In some instances, Windows will not boot properly or it will boot from the wrong device until you do it. You don’t need to do this with sysprep (it does it for you), however sysprep won’t work in an iSCSI configuration due to redetecting the network card and resetting all the iSCSI configuration.
For this, you can use the chntpw utility.
First of all, mount the Windows partition.
Then crack it open with chntpw’s registry editor, and remove the entries.
# chntpw -e WINDOWS/system32/config/system
chntpw version 0.99.6 080526 (sixtyfour), (c) Petter N Hagen
Hive name (from header):
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 686c
Page at 0x54f000 is not 'hbin', assuming file contains garbage at end
File size 5767168 [580000] bytes, containing 1254 pages (+ 1 headerpage)
Used for data: 108658/5500560 blocks/bytes, unused: 1836/21680 blocks/bytes.Simple registry editor. ? for help.> cd MountedDevices
You can now show the mounted devices table. This one is populated with a bunch of stuff:
\MountedDevices> ls
Node has 0 subkeys and 8 values
size type value name [value if type DWORD]
12 REG_BINARY <\??\Volume{a04045a6-480a-11df-8146-806d6172696f}>
12 REG_BINARY <\??\Volume{a04045a7-480a-11df-8146-806d6172696f}>
238 REG_BINARY <\??\Volume{a04045a8-480a-11df-8146-806d6172696f}>
164 REG_BINARY <\??\Volume{a04045a9-480a-11df-8146-806d6172696f}>
12 REG_BINARY <\DosDevices\C:>
12 REG_BINARY <\DosDevices\D:>
164 REG_BINARY <\DosDevices\A:>
238 REG_BINARY <\DosDevices\E:>
Removing it is as simple as the ‘delallv’ command.
\MountedDevices> delallv\MountedDevices> qHives that have changed:
# Name
0
Write hive files? (y/n) [n] : y
0 - OK
And then it’s done. You can unmount the partition, and boot Windows again.